Malicious code in ownersv2-obfuscator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0f9f47de4b7578abfcf53d93e7033ba0e908053bac0650fee520c4effa57e26 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4679 Malicious code in chatbox-fca-remake (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83a5b117803c27e7a6bb055ed45b86878c6edf34dea10fa6c638486c656c6ec8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4682 Malicious code in espresso-ui (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c8ce5ab7d96b084c2116afda967b080d56ed7a0dad48fe8ac7b67a1317824e8a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in some-private-package (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 74c2eb038ada13a2b2c86adb72a460b9a2e327e9682b3ecce38839b4f8de281d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in graphstruct (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3d501610322eef6c7aa27534198e500566f7ac611d91e55d92612e12fb8bd817 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in system-health-sync-api (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 13c337e149bd36fcd54891e550bf7fdb7c1dc36b1bfc1b06e0b1427851d4adde Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4696 Malicious code in tradingv-scraper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d77275e798392b8c057b8a2e84fc0af74d6d01c3a2d426ee0b05ef9ce80a6b3c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4683 Malicious code in express-api-sync (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware efac302be698778eb5fe49cde2fadcf3d675910622eaf3387754f96e332f87f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4642 Malicious code in figwrap (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3cd13bb1130e41b3a2f595500f734384befef8c3107668edb6c2595730a13ddf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in canvas-helper-kit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 10a55b1c2c0c95b2f39df71c4e6d9dc7b34f680ad6ed6c14449d6bfdb3dfb207 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in nodyne (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ba16ef861090c23b958fabcd5d99446ac8605df4f4eacdb52bb885d11c03f480 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in viryy-nexa (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 83da7b12f8cd7a828569d2936d55759bc96ad48760ba8ea0124dcf612721e671 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4648 Malicious code in node-prettier (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 843fe1d3338e398ebc485508d20455b921ed8e3cbfcd3fd1140d4aae32d34109 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4647 Malicious code in node-pkg-state (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c0891ea1584d40cb7d6b9667931aaeee24089a5d7f605727e42f717b4b378682 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4660 Malicious code in verylinh-sky (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c7a2f858becbec37d67893dd85db5e5b64fdc82bb1ff3d81c07e18868c059f86 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-4649 Malicious code in nodyne (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ba16ef861090c23b958fabcd5d99446ac8605df4f4eacdb52bb885d11c03f480 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Delta Electronics CNCSoft 安全漏洞

Delta Electronics CNCSoft is a CNC machine simulation system software from Delta Electronics China. An out-of-bounds write vulnerability exists in Delta Electronics CNCSoft, which can be exploited by an attacker to execute arbitrary code on the system...

MAL-2025-4728 Malicious code in actions-languageservice (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3acb74af5f6a7d398be58bda53f50ba2f8e6487b53678077cffda3a4531ecef4 Any computer that has this package installed or running should be considered...

MAL-2025-4638 Malicious code in atlas-global-npm (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a2da4219e6bc0eb3a57f45a9fef584e5c6b27af790d62395489febfeb78c5bf3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in blipkitgit (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6e899e9940707fc06d8dce8080f1ea4e59dbdfbb122526755ce4006c4e226d92 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...